Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Wiretapping Audit Secrets Uncovered Via Ctrl+C

Posted by kdawson on from the c'mon-guys-it's-not-even-obscure dept.

mytrip notes a story in Wired's Threat Level blog on the latest boneheaded government moves with redaction. (We've been discussing redaction follies here for years.) This time it's an FBI report (PDF) on implementing CALEA — you can select text from redacted areas, copy it, and paste into a text editor, as University of Pennsylvania professor Matt Blaze discovered. From Wired: "Once again, supposedly sensitive information blacked out from a government report turns out to be visible by computer experts armed with the Ctrl+C keys — and that information turns out to be not very sensitive after all... [Among] the tidbits considered too sensitive to be aired publicly: The FBI paid Verizon $2,500 apiece to upgrade 1,140 old telephone switches. Oddly the report didn't redact the total amount paid to the telecom — slightly more than $2.9 million dollars — but somehow the bad guys will win if they knew the number of switches and the cost paid."

13 of 231 comments (clear)

  1. No suprises by Lumpy · · Score: 2, Informative

    Most of the time something deemed "secret" rarely is. Also when I was last in the public Sector, IT was woefully underfunded and overall employee training was even worse. Things like this will continue to be a major mess.

    --
    Do not look at laser with remaining good eye.
  2. Implementation by Graywolf · · Score: 5, Informative

    "Redacted" was apparently implemented by covering the area with a white rectangle. Since the PDF has real text/vector graphics (as opposed to a bitmap), the information is still present in the file and even the standard Acrobat viewer can access it. Someone "Failed at Behaving Intelligently"

  3. Not everything is censorship. by R2.0 · · Score: 5, Informative

    Sometimes items are redacted because of contractual commitments or confidentiality agreements. Take the example in the story; now, all Verizon's competition needs to do is bid $2,499 per switch and they get the job. So what if they could have supplied the switches at $2,200 and still made a healthy profit - they just need to be low. So that's $299 extra per switch that the government (aka, taxpayers) will have to pay because the competitive bid environment has been contaminated.

    But hey, they made their point about evil government masterminds being wholly incompetent, so what does logic matter?

    --
    "As God is my witness, I thought turkeys could fly." A. Carlson
    1. Re:Not everything is censorship. by Anonymous Coward · · Score: 1, Informative

      Once bids are awarded they are in the public domain.

  4. Re:Too much UNIX for me by Tim+C · · Score: 4, Informative

    Ctrl+C, Ctrl+X and Ctrl+V were increasingly common shortcuts in Linux apps the last time I used Linux on the desktop, which is going back a good few years now.

    Yes, they still do "different" things in a terminal, but they're by no means "Windows commands" any more.

    --
    It's official. Most of you are morons.
  5. Copy & Paste Reveals FBI Wiretapping Audit Sec by FlameWise · · Score: 5, Informative

    Honestly, same here. Some of those headlines are becoming really hard to read.

    "Wiretapping": verb. The FBI is wiretapping something. "is" omitted as in many headlines.

    "Audit": verb. The FBI's act of wiretapping is auditing something (Huh?)

    "Secrets": verb. The Audit of the FBI's wiretapping is leaking something. Wait isn't "secrete" writting with an extra "e"?

    "Uncovered": verb, passive. By now I'm sort doubtful I got it right in the fourth attempt.

    "Via Ctrl+C": By what?

    It took me reading the link in the original post to figure they meant a key press and not a screen name or a publication I wasn't familiar with, also helped me sort the four verbs into some semblance of legal grammar.

    How about: "Copy & Paste Reveals FBI Wiretapping Audit Secrets"?

    Remember school: Passive is bad for you.

  6. Re:Too much UNIX for me by Zarhan · · Score: 1, Informative

    "Ctrl+C" isn't just "Windows" standard, it's actually coming from much older days. You are looking for

    http://en.wikipedia.org/wiki/Common_User_Access

    and it's actually originating from IBM. Personally I'm *glad* that Linux desktop environments are also pretty much implementing the standard - I *like* being able to always hit F1 for help, Shift+F12 for save etc. I've even seen CUA bindings setup for Emacs but cannot find a link right now..

  7. It looks like you're trying to redact a document! by Halo- · · Score: 5, Informative

    For me, the best part of the article was the link to the NSA redaction guidelines. Interesting reading I suppose, but the fact that throughout the entire paper the screencaps of MS Word had that damn Clippy-substitute cat sitting in the corner was classic. I'm not sure I'd trust someone (even at the NSA) to give me advice on MS Word options and settings when they can't even turn of the animated assistant.

  8. Re:Too much UNIX for me by dbitch · · Score: 5, Informative

    These are the IBM Common User Access commands. So, they were never "Windows commands" to begin with.

    Funny how history works, huh?

  9. Re:Too much UNIX for me by sqldr · · Score: 3, Informative

    There's actually two pasteboards. Selecting it puts it into the X11 pasteboard, ctrl+c puts it into the gnome/kde pasteboard. There are differences, eg. the gnome/kde one has metadata and can contain images, links etc. It also seems to be more limitless - pasting 50000 lines from the X11 buffer rarely works.

    It's actually really useful to have two paste buffers in certain issues - ctrl-v to paste one, middle to paste the other.

    --
    I wrote my first program at the age of six, and I still can't work out how this website works.
  10. Re:Too much UNIX for me by Anonymous Coward · · Score: 2, Informative

    those guys were just involved in a dick-measuring "biggest nerd" contest.

    The above explains the run that Home Depot had on tweezers and magnifying glasses.

  11. Linux makes things even easier! by 1336 · · Score: 2, Informative

    In Ubuntu if you use the default PDF viewer (Evince), you can see the "sensitive information" in the tables by simply HIGHLIGHTING the text.

    No need to even use the keyboard to copy/paste the data! ;)

  12. Re:Too much UNIX for me by _xeno_ · · Score: 4, Informative

    These are the IBM Common User Access commands. So, they were never "Windows commands" to begin with.

    No, they're not. The Wikipedia article even lists the correct keys that actually were in the CUA. They were the ever-so-intuitive:

    Copy: Ctrl-Ins
    Cut: Shift-Del
    Paste: Shift-Ins
    Undo: Alt-Backspace

    These were the CUA shortcuts. The new Ctrl-Z/X/C/V shortcut set was stolen off the Mac, because unlike the CUA set, it makes sense. Unlike the CUA, it's always Control-Something. X and C make perfect sense for Cut and Copy. Z and V make less sense unless you think of them as little icons, in which case the Z is a Zig-Zag backwards and the V is a down-arrow pasting into the document. Ultimately, though, they're used because they're next to each other on the keyboard. All your common edit actions in a nice little row.

    If you want a non-Wikipedia source, you can try this page. The CUA keys still work in most Windows applications, it's just that the Mac keys also work since they don't overlap. Alt-F4 remains as probably the most-used CUA shortcut.

    --
    You are in a maze of twisty little relative jumps, all alike.